Data Protection Impact Assessment Framework in the Banking Sector in Indonesia to Implement Law of Personal Data Protection

Authors

  • Dian Ismiati Anggraini University of Indonesia
  • Panca Oktavia Hadi Putra

DOI:

https://doi.org/10.21609/jsi.v21i1.1439

Keywords:

Data Protection Impact Assessment, DPIA, Law No. 27/2022, Indonesian Banking, General Data Protection Regulation, Risk Management, Personal Data, IT Application

Abstract

Indonesia’s banking industry is evolving in personal data management due to technological advancements, which present both benefits and challenges. Influenced by global standards like the GDPR, Indonesia’s Law No. 27 of 2022 on Personal Data Protection incorporates these principles to enhance data protection. The Data Protection Impact Assessment (DPIA), a key risk mitigation tool mandated by the GDPR, is required for high-risk data processing under Indonesian law, though implementation regulation is still pending.

This research develops and validates a DPIA framework tailored to the Indonesian banking sector, addressing components that can be considered to be the base framework of DPIA in Indonesia. Recommendations include adopting a comprehensive DPIA framework, staff training, instrument validation, integrating DPIAs into business processes, developing IT applications for DPIA, and continuous monitoring. This research offers practical solutions and contributes to the broader data protection literature.

 

Downloads

Download data is not yet available.

Downloads

Published

2025-03-26

How to Cite

Anggraini, D. I., & Panca Oktavia Hadi Putra. (2025). Data Protection Impact Assessment Framework in the Banking Sector in Indonesia to Implement Law of Personal Data Protection . Jurnal Sistem Informasi, 21(1), 15–34. https://doi.org/10.21609/jsi.v21i1.1439

Issue

Vol. 21 No. 1 (2025): Jurnal Sistem Informasi (Journal of Information System)

Section

Articles

License

Authors who publish with this journal agree to the following terms:

  • Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
  • Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  • Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).